The cybercriminals then threaten to destroy their data if a ransom is not paid. “We have seen vulnerabilities stored by the Central Intelligence Agency show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world”, blasted Microsoft’s chief legal officer and president Brad Smith in a blog. This means that most government departments and businesses in the Middle East were closed, possibly averting mass disruption in a region where the use of Windows XP and 2003 operating systems is prevalent.
A spokeswoman for Microsoft said it was preparing a response.
The Electronic Frontier Foundation also called for more visibility into the government’s use of security flaws, saying WannaCry “points to the need for transparency into and reform of how the government handles software vulnerabilities it retains”.
Last week, the NHS hospital network in the United Kingdom reported a major cyber attack that quickly expanded across the globe, affecting almost 150,000 companies in 150 different countries.
“The size of the outbreak is indicative of the number of machines out there which have not been patched with security updates”. (Note: the “Windows Update” section is also handy for showing you updates that are now being downloaded or applied.) Under “Advanced Options”, just make sure the drop-down box is set to “Automatic”. The precedent may impact other software sellers too.
“We could use a national cybersecurity policy”, said Gartner cybersecurity analyst Avivah Litan. “That’s going to become a more common practice”. “But at the same time, I also know that if you’re someone who’s been affected and you’ve lost all your children’s photographs or you’ve lost all your data or you lost your thesis, sometimes $300 is worth it, you know?”
A hacking group called Shadow Brokers released the malware in April, claiming to have discovered the flaw from the NSA, according to Kaspersky Lab, a Russian cybersecurity provider. Once malicious software is in the wild, it is commonly reused by hacking groups, especially nation-states trying to leave the fingerprints of another country. Some security researchers speculated that if the perpetrators were North Korean, the goal may have been to cause a widespread internet outage to coincide with this weekend’s latest missile test. Usually used by cyber criminals, ransomware is a popular means of making illicit money from victims who have to pay the criminals in order to have their data decrypted.
“Across the [US] federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure”, Reuters reported in March. “Occasionally mistakes happen”, he added.